Alternatives and similar repositories for cuckoo

Users that are interested in cuckoo are comparing it to the libraries listed below

• opendxl / opendxl-broker
  OpenDXL Broker is an open source version of a Data Exchange Layer (DXL) broker
  ☆14Updated last year
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• jipegit / IncidentsMindMaps
  Cybersecurity Incidents Mind Maps
  ☆34Updated 4 years ago
• intelforge / tmc
  Threat Mapping Catalogue
  ☆18Updated 4 years ago
• mitre / gocat
  Simplified go-cat agent for caldera
  ☆11Updated last year
• proferosec / Threat-Intelligence
  A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.
  ☆10Updated 6 years ago
• Yara-Rules / YaraRET
  Carving tool based in Radare2 & Yara
  ☆16Updated 7 years ago
• wolfvan / YaraRET
  Carving tool based in Radare2 & Yara
  ☆16Updated 7 years ago
• Security-Onion-Solutions / securityonion-elastic
  Security Onion Elastic Stack
  ☆46Updated 4 years ago
• OTRF / openhunt
  ☆35Updated 4 years ago
• exp0se / detect_kerberos_attacks
  Detect kerberos attacks in pcap files
  ☆29Updated 9 years ago
• Benster900 / ThreatWaffle
  Threat hunting repo for my independent study on threat hunting with OSQuery
  ☆27Updated 7 years ago
• OTRF / bloodhound-notebooks
  Notebooks created to attack and secure Active Directory environments
  ☆28Updated 6 years ago
• Velocidex / go-prefetch
  A golang implementation of a prefetch parser.
  ☆19Updated last month
• JimmyAstle / Atomic-Parser
  Python parser for Red Canary's Atomic Red Team Yamls
  ☆27Updated 6 years ago
• mitre-attack / joystick
  Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…
  ☆64Updated 2 years ago
• corelight / zeek-quic
  Bro analyzer that detects Google's QUIC protocol
  ☆10Updated 4 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 5 years ago
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆103Updated 5 months ago
• nccgroup / yaml2yara
  Generate bulk YARA rules from YAML input
  ☆22Updated 5 years ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆103Updated 3 years ago
• StamusNetworks / surimisp
  Check IOC provided by a MISP instance on Suricata events
  ☆18Updated 6 years ago
• NextronSystems / simplesyslog
  Simple SYSLOG client in Go
  ☆22Updated 6 months ago
• 0xAnalyst / Sysmon
  Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
  ☆56Updated last year
• botherder / go-autoruns
  Collect autorun records from running system
  ☆60Updated 3 years ago
• mitre-attack / evals_caldera
  A CALDERA plugin for ATT&CK Evaluations Round 1
  ☆33Updated 2 years ago
• DearBytes / Opensource-Endpoint-Monitoring
  This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
  ☆35Updated 6 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 5 years ago
• nao-sec / tknk_scanner
  Community-based integrated malware identification system
  ☆82Updated 3 years ago
• NextronSystems / thor_attck
  THOR MITRE ATT&CK Framework Coverage
  ☆25Updated 5 years ago